Computer operating system logging and security issues: a survey

Logging has become a fundamental feature of modern computer operating systems because it serves a variety of applications and purposes, such as system tuning, auditing, and intrusion detection systems. The syslog daemon is the logging implementation on Unix/Linux platforms, while Windows Event Log is the logging implementation on Microsoft Windows platforms. These logging implementations provide application programming interfaces that, in turn, simplify logging functions from data collection to data storage. In this paper, we survey Unix, Linux, and Windows logging mechanisms and introduce their security issues. Copyright © 2016 John Wiley & Sons, Ltd.
